LISTING OF CLAIMS IN THE CASE 

The following listing of claims replaces all previous listing of claims: 
1-12. (Canceled) 

13. (Previously Presented) A computer-readable medium having stored thereon 
a program, which when run on a processor, performs a method of managing a 
network, said method comprising: 

comparing addresses associated with packets received at a first port in said 
networi< with expected addresses for said first port to detemriine unexpected 
addresses; and 

tracing a topology of said network to determine a second port at which a 
packet associated with an unexpected address entered said networic. 

14. (Original) The computer-readable medium of Claim 13 wherein said network 
is a virtually-wired switching network and said first port couples switches in said 
network and said second port is coupled to a host device. 

15. (Previously Presented) The computer-readable medium of Claim 13, wherein 
said network comprises a virtually-wired switching fabric. 

16. (Previously Presented) The computer-readable medium of Claim 15. wherein 
said method further comprises: 

taking corrective action at said second port, wherein said second port is 
coupled to a host device. 
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17. (Previously Presented) The computer-readable medium of Claim 15, wherein 
said method further comprises: 

disabling said second port, wherein said second port is at the edge of said 
virtually-wired switching fabric. 

18. (Previously Presented) The computer-readable medium of Claim 13 wherein 
said comparing addresses associated with packets received at a first port in said 
network with expected addresses for said first port to detemiine unexpected 
addresses comprises reading a bridge table to determine learned addresses at said 
first port. 

19. (Previously Presented) The computer-readable medium of Claim 13 wherein 
said comparing addresses associated with packets received at a first port in said 
network with expected addresses for said first port to determine unexpected 
addresses is repeated for each interconnect port in said network, wherein said 
network comprises a plurality of switches. 

20. (Previously Presented) The computer-readable medium of Claim 13, wherein 
said method further comprises: 

detenmining changes in physical topology of said network. 

21 . (Previously Presented) The computer-readable medium of Claim 20 wherein 
said detenmining changes in physical topology of said network comprises comparing 
a physical description of said network with a stored physical description of said 
network. 
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22. (Previously Presented) A method of managing a network, said method 
comprising: 

accessing a database of a stored physical topology of said network to obtain 
authorized addresses at host ports of switches; 

configuring a switch In said network to fonA^ard a packet received at a first 
port if an address associated with said packet is authorized for said first port; 

comparing a set of learned addresses against a set of expected addresses, 
said leamed addresses comprising addresses associated with packets processed at 
a second port, said expected addresses derived from an expected configuration of 
said network; and 

tracing a topology of said network to find a third port where an unexpected 
address entered said network, said third port coupled to a device having a media 
access control (MAC address) that is said unexpected address. 

23. (Cancelled) 

24. (Previously Presented) The method of Claim 22, further comprising: 
disabling said third port, wherein said network is a virtually-wired switching 

fabric and said third port is at the edge of said virtually-wired switching fabric. 

25. (Previously Presented) The method of Claim 22, wherein said configuring the 
switch further comprises configuring the switch to drop said packet if said address is 
not authorized. 

26. (Previously Presented) The method of Claim 22, wherein said configuring the 
switch comprises programming the switch in said network to recognize authorized 
addresses for said first port. 
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27. (Previously Presented) The method of Claim 22, wherein said configuring the 
switch further comprises configuring the switch to forward said packet to a host 
device if said address is authorized for said first port, said first port coupled to said 
host device. 

28. (Previously Presented) The method of Claim 22, further comprising: 
detennlning changes in physical topology of said network. 

29. (Previously Presented) The method Claim 28 wherein said determining 
changes in physical topology comprises comparing a physical description of said 
network with said stored physical topology of said network. 

30. (Original) The method of Claim 29 wherein said address is a media access 
control (MAC) address and wherein said network comprises a virtually-wired 
switching fabric. 

31 . (Previously Presented) A network comprising: 
a plurality switches; 

said switches interconnected and configured to control communication 
between a plurality of devices coupled to said network; 

a database having stored therein a stored physical topology of said networi< 
and authorized addresses associated with packets processed at ports of said 
switches, wherein said authorized addresses are based on said stored physical 
topology; 

a configuration agent that is able to program said switches based on said 
authorized addresses to detect a packet having an unauthorized address; and 
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a management agent that is able to: 

compare addresses learned by said switches against said authorized 
addresses to determine an unauthorized address; and 

trace a topology of said network to detenmine a port where a packet 
associated with said unauthorized address entered said network. 

32. (Previously Presented) The network of Claim 31 , wherein: 

said switches are further configured to forward said packet If said address is 
authorized. 

33. (Previously Presented) The network of Claim 31 , wherein: 

said switches are further configured to drop said packet if said address is not 
authorized. 

34. (Original) The network of Claim 31 , wherein there Is a one-to-one mapping 
between ports of said switches and ports of said devices. 

35. (Previously Presented) A network as recited in Claim 31 wherein said 
addresses are medium control access (MAC) addresses. 

36. (Previously Presented) A network as recited In Claim 31 wherein said 
network comprises a virtually-wired switching fabric. 
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37. (Previously Presented) A network as recited in Claim 31 wherein said 
management agent is further able to determine changes in said physical topology of 
said network and to update said stored physical topology and authorized addresses 
in said database based on said changes. 

38. (Previously Presented) A network as recited in Claim 37 wherein said 
configuration agent is further able to re-program said switches based on said 
updates to said authorized addresses. 
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